starkandwayne/aws-ohio-vault-deployments

Name: aws-ohio-vault-deployments

Owner: Stark & Wayne

Created: 2018-03-18 00:16:20.0

Updated: 2018-03-18 02:37:57.0

Pushed: 2018-03-18 02:37:56.0

Size: 119

Language: Perl

README

vault deployments

This repository contains the YAML templates that make up a series of vault BOSH deployments, using the format prescribed by the Genesis utility. These deployments are based off of the vault-genesis-kit.

Environment Naming

Each environment managed by this repository has its own deployment file, e.g. us-east-prod.yml. In many cases, however, it is desirable to share param configurations or kit configurations across all of the environments, or across specific subsets. Genesis supports this by splitting environment names on hyphens (-) and finding files with common prefixes to include in the final manifest.

For example, let's look at a scenario where there are three environments deployed by genesis: us-west-prod.yml, us-east-prod.yml, and us-east-dev.yml. If there were configurations that should be shared by all environments, they should go in us.yml. Configurations shared by us-east-dev and us-east-prod would go in us-east.yml.

To see what files are currently in play for an environment, you can run genesis <environment-name>
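
The prefix rule described above, sketched as shell functions so you can see which files feed an environment and which files a change to a shared file reaches. This is an added example, not Genesis's own code: the function names candidate_files, files_in_play and affected_by are hypothetical, the sample layout is constructed, and only the hyphen-prefix rule stated in this README is modeled.

```shell
#!/bin/sh
# Added illustration of the hyphen-prefix rule; not part of Genesis.

# candidate_files ENV: print candidate file names, least specific first.
candidate_files() {
    rest=$1
    prefix=""
    while [ -n "$rest" ]; do
        part=${rest%%-*}                      # next hyphen-separated piece
        prefix="${prefix:+$prefix-}$part"     # grow the prefix by one piece
        printf '%s.yml\n' "$prefix"
        case $rest in
            *-*) rest=${rest#*-} ;;
            *)   rest="" ;;
        esac
    done
}

# files_in_play DIR ENV: the candidates that actually exist in DIR.
files_in_play() {
    candidate_files "$2" | while read -r f; do
        if [ -f "$1/$f" ]; then printf '%s\n' "$f"; fi
    done
}

# affected_by DIR FILE: every *.yml in DIR whose prefix chain includes FILE,
# i.e. what a change to a shared file such as us.yml ends up touching.
affected_by() {
    stem=${2%.yml}
    for path in "$1"/*.yml; do
        [ -f "$path" ] || continue
        name=${path##*/}
        case ${name%.yml} in
            "$stem"|"$stem"-*) printf '%s\n' "$name" ;;
        esac
    done
}

# Constructed sample layout matching the scenario in this README.
demo=$(mktemp -d)
touch "$demo/us.yml" "$demo/us-east.yml" "$demo/us-east-prod.yml" \
      "$demo/us-east-dev.yml" "$demo/us-west-prod.yml"
files_in_play "$demo" us-west-prod   # us.yml, us-west-prod.yml (no us-west.yml)
affected_by "$demo" us-east.yml      # us-east-dev.yml, us-east-prod.yml, us-east.yml
rm -rf "$demo"
```

Running affected_by against a shared file before merging a change to it shows how many environments inherit that change, which matters most for files near the root such as us.yml.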

Quickstart

To create a new environment (called us-east-prod-vault):

genesis new us-east-prod

To build the full BOSH manifest for an environment:

genesis manifest us-east-prod

… and then deploy it:

genesis deploy us-east-prod

To rotate credentials for an environment:

genesis secrets us-east-prod
genesis deploy us-east-prod

To update the Concourse Pipeline for this repo:

genesis repipe

To download a new version of the kit, and deploy it:

genesis download vault [version] # omitting version downloads the latest

# update the environment yaml to use the desired kit version,
# this might be in a different file if using CI to propagate
# deployment upgrades (perhaps us.yml)
vi us-east-prod.yml

genesis deploy us-east-prod.yml # or commit + git push for CI to run through the upgrades

See the Deployment Pipeline Documentation for more information on getting set up with Concourse deployment pipelines.

Repo Structure

Most of the meat of the deployment repo is at the base level. Environment YAML files, shared YAML files, and the CI configuration YAML file will all be here.

The .genesis/manifests directory saves redacted copies of the deployment manifests as they are deployed, for posterity, and to keep track of any my-env-name-state.yml files from bosh create-env.

The .genesis/cached directory is used by CI to propagate changes for shared YAML files along the pipelines. To aid in CI deploys, the genesis/bin directory contains an embedded copy of genesis.

.genesis/kits contains copies of the kits that have been used in this deployment. Once a kit is no longer used in any environment, it can be safely removed (genesis summary).

.genesis/config is used internally by genesis to understand what is being deployed, and how.


This work is supported by the National Institutes of Health's National Center for Advancing Translational Sciences, Grant Number U24TR002306. This work is solely the responsibility of the creators and does not necessarily represent the official views of the National Institutes of Health.